From: Evan Hunt <each@isc.org>
Date: Mon, 2 Jul 2012 17:03:46 +0000 (-0700)
Subject: fix bad-cache assert
X-Git-Tag: v9.8.3-P2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c7df6e2090c9904fe14e47c6e994502326f0f89d;p=thirdparty%2Fbind9.git

fix bad-cache assert

3346.	[security]	Bad-cache data could be used before it was
			initialized, causing an assert. [RT #30025]
---

diff --git a/CHANGES b/CHANGES
index a018cd3bc4b..c07767aa4a9 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+3346.	[security]	Bad-cache data could be used before it was
+			initialized, causing an assert. [RT #30025]
+
 3342.	[bug]		Change #3314 broke saving of stub zones to disk
 			resulting in excessive cpu usage in some cases.
 			[RT #29952]
diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
index 1ae2f16bea3..4c8b144486b 100644
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -8448,6 +8448,7 @@ dns_resolver_addbadcache(dns_resolver_t *resolver, dns_name_t *name,
 			goto cleanup;
 		bad->type = type;
 		bad->hashval = hashval;
+		bad->expire = *expire;
 		isc_buffer_init(&buffer, bad + 1, name->length);
 		dns_name_init(&bad->name, NULL);
 		dns_name_copy(name, &bad->name, &buffer);
@@ -8459,8 +8460,8 @@ dns_resolver_addbadcache(dns_resolver_t *resolver, dns_name_t *name,
 		if (resolver->badcount < resolver->badhash * 2 &&
 		    resolver->badhash > DNS_BADCACHE_SIZE)
 			resizehash(resolver, &now, ISC_FALSE);
-	}
-	bad->expire = *expire;
+	} else
+		bad->expire = *expire;
  cleanup:
 	UNLOCK(&resolver->lock);
 }